Cyber Posture

CVE-2025-1796

Severity: High · Public PoC

Published: 20 March 2025
Modified: 16 July 2025
KEV Added: not listed
Patch: see the Huntr report referenced below
CVSS Score: 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0040 (60.4th percentile)
Risk Priority: 18 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-1796 is a high-severity vulnerability in Langgenius Dify caused by the use of a cryptographically weak PRNG (CWE-338). Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks in the top 39.6% of CVEs by exploit likelihood (EPSS), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.

This vulnerability is AI-related: it is categorised as Enterprise AI Assistants, in the Other ATLAS/OWASP Terms risk domain.

The strongest mitigations our analysis identified are NIST 800-53 IA-5 (Authenticator Management) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Privilege Escalation (T1068) and one other technique (T1212). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5) (AI-assisted)

IA-5 Authenticator Management (prevent)
Requires secure generation and management of authenticators, including password reset codes, directly preventing the use of a cryptographically weak PRNG such as random.randint.

SI-2 Flaw Remediation (prevent)
Mandates timely identification, reporting, and correction of software flaws such as the weak PRNG vulnerability in password reset code generation.

Cryptographic protection (prevent)
Requires cryptographic mechanisms with sufficient strength and randomness for protecting authentication functions, mitigating weak PRNG exploitation in reset codes.

MITRE ATT&CK Enterprise Techniques (AI-assisted)

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

T1212 Exploitation for Credential Access (tactic: Credential Access)
Adversaries may exploit software vulnerabilities in an attempt to collect credentials.
Why these techniques?

The weak PRNG in password reset codes can be exploited by attackers with workflow tool access to predict codes, enabling account takeover (including admin accounts) for privilege escalation (T1068) and credential access (T1212).

NVD Description

A vulnerability in langgenius/dify v0.10.1 allows an attacker to take over any account, including administrator accounts, by exploiting a weak pseudo-random number generator (PRNG) used for generating password reset codes. The application uses `random.randint` for this purpose, which is not suitable for cryptographic use and can be cracked. An attacker with access to workflow tools can extract the PRNG output and predict future password reset codes, leading to a complete compromise of the application.

Deeper analysis (AI-assisted)

CVE-2025-1796, published on 2025-03-20, is a vulnerability in langgenius/dify version 0.10.1 that stems from the use of a weak pseudo-random number generator (PRNG) for generating password reset codes. Specifically, the application employs Python's `random.randint` function, which is not cryptographically secure and is classified under CWE-338 (Use of Cryptographically Weak Pseudo-Random Number Generator). Because the generator's output is predictable, the reset codes can be recovered by an attacker; the CVE carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

The attack requires low-privileged access (PR:L), such as to workflow tools within the application, allowing network-based exploitation (AV:N) without user interaction (UI:N). An attacker can extract PRNG output from these tools to predict subsequent password reset codes, facilitating unauthorized takeover of any account, including administrator accounts, and leading to full application compromise with high impacts on confidentiality, integrity, and availability.

Details on advisories, patches, and mitigation are available in the Huntr security bounty report at https://huntr.com/bounties/a60f3039-5394-4e22-8de7-a7da9c6a6e00.
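The following is an added illustration written for this page; it is not Dify's code and does not reproduce the patched implementation from the Huntr report. It puts the CWE-338 pattern the NVD description names (`random.randint` digits) next to a hardened reset-code flow built on Python's `secrets` module, which draws from the operating system CSPRNG and so has no observable output-to-state relationship for an attacker to exploit from other features of the same process. The surrounding controls (salted hash at rest, expiry, attempt cap, single use, constant-time comparison) are what IA-5 asks of an authenticator; the class and function names, the 6-digit length, the 10-minute TTL and the 5-attempt cap are all assumptions chosen for the example.

```python
"""Weak vs. hardened password-reset-code generation (added example, not Dify's code)."""
import hashlib
import hmac
import random
import secrets
import time
from dataclasses import dataclass

# Assumed policy values for the example; a real deployment would tune these.
CODE_LENGTH = 6
CODE_TTL_SECONDS = 600
MAX_ATTEMPTS = 5


def weak_reset_code(length: int = CODE_LENGTH) -> str:
    """The CWE-338 'before': random.randint is backed by Mersenne Twister,
    whose state can be recovered from enough observed output. Shown only
    so the contrast with strong_reset_code() is visible."""
    return "".join(str(random.randint(0, 9)) for _ in range(length))


def strong_reset_code(length: int = CODE_LENGTH) -> str:
    """The hardened form: secrets.choice draws from os.urandom, so output
    observed elsewhere in the process does not help predict the next code."""
    return "".join(secrets.choice("0123456789") for _ in range(length))


@dataclass
class ResetRequest:
    code_hash: bytes
    salt: bytes
    expires_at: float
    attempts: int = 0
    used: bool = False


class ResetCodeStore:
    """In-memory store of pending reset codes keyed by user id (assumed shape)."""

    def __init__(self, clock=time.time):
        self._clock = clock  # injectable so tests can control expiry
        self._pending: dict[str, ResetRequest] = {}

    def issue(self, user_id: str) -> str:
        """Generate a code for delivery to the user; only its salted hash is kept.
        A 6-digit space is small, so the hash is not a substitute for the
        TTL and attempt cap; it just keeps plaintext codes out of the store."""
        code = strong_reset_code()
        salt = secrets.token_bytes(16)
        self._pending[user_id] = ResetRequest(
            code_hash=self._hash(code, salt),
            salt=salt,
            expires_at=self._clock() + CODE_TTL_SECONDS,
        )
        return code

    def verify(self, user_id: str, presented: str) -> bool:
        """Accept the code at most once, before expiry, within the attempt budget."""
        req = self._pending.get(user_id)
        if req is None or req.used:
            return False
        if self._clock() > req.expires_at:
            del self._pending[user_id]
            return False
        req.attempts += 1
        if req.attempts > MAX_ATTEMPTS:
            del self._pending[user_id]  # budget exhausted: force a fresh request
            return False
        # compare_digest avoids leaking match position through timing.
        if hmac.compare_digest(self._hash(presented, req.salt), req.code_hash):
            req.used = True
            return True
        return False

    @staticmethod
    def _hash(code: str, salt: bytes) -> bytes:
        return hashlib.sha256(salt + code.encode("utf-8")).digest()


if __name__ == "__main__":
    store = ResetCodeStore()
    code = store.issue("alice")
    print("issued", code, "verify ->", store.verify("alice", code))
```

The injectable clock exists so the expiry path can be exercised without sleeping; in production the default `time.time` is used. Note that swapping the generator is necessary but not sufficient: without the expiry and attempt cap, a 6-digit code is still guessable online regardless of how it was generated.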

Details

CWE(s)
CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator

Affected Products
langgenius / dify 0.10.1

AI Security Analysis (AI-assisted)

AI Category
Enterprise AI Assistants
Risk Domain
Other ATLAS/OWASP Terms
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Dify (langgenius/dify) is an open-source platform for building, deploying, and managing LLM-based AI applications and agents, aligning with Enterprise AI Assistants. The vulnerability is in the platform's authentication system, confirmed AI-related via AI/ML bug bounty context.

CVEs Like This One

CVE-2024-10252 (same product: Langgenius Dify)
CVE-2024-12039 (same product: Langgenius Dify)
CVE-2024-11824 (same product: Langgenius Dify)
CVE-2026-25726 (shared CWE-338)
CVE-2025-40905 (shared CWE-338)
CVE-2026-6659 (shared CWE-338)
CVE-2024-57854 (shared CWE-338)
CVE-2024-40762 (shared CWE-338)
CVE-2024-58041 (shared CWE-338)
CVE-2025-66630 (shared CWE-338)

References

Huntr bounty report: https://huntr.com/bounties/a60f3039-5394-4e22-8de7-a7da9c6a6e00